Lucene search

MitreCVE-2002-1699

HistoryJun 21, 2005 - 4:00 a.m.

CVE-2002-1699

2005-06-2104:00:00

mitre

web.nvd.nist.gov

cve-2002-1699

sql injection

asp client check

authentication bypass

unauthorized access

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

61.5%

JSON

SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.

Affected configurations

Nvd

Node

pascal_michaudasp_client_checkMatch1.3

pascal_michaudasp_client_checkMatch1.5

VendorProductVersionCPE
pascal_michaudasp_client_check1.3cpe:2.3:a:pascal_michaud:asp_client_check:1.3:*:*:*:*:*:*:*
pascal_michaudasp_client_check1.5cpe:2.3:a:pascal_michaud:asp_client_check:1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pascal_michaud	asp_client_check	1.3	cpe:2.3:a:pascal_michaud:asp_client_check:1.3:::::::*
pascal_michaud	asp_client_check	1.5	cpe:2.3:a:pascal_michaud:asp_client_check:1.5:::::::*

References

www.osvdb.org/21558

www.securiteam.com/windowsntfocus/5BP031P75C.html

www.securityfocus.com/bid/4676

exchange.xforce.ibmcloud.com/vulnerabilities/9015

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

61.5%

JSON

Related for CVE-2002-1699